Which secret keys should be stored in the client application and which should be stored on the server? Using NaCl.Net/Salt

This is the first time I have tried NaCl.NET, which is described well here.

NuGet package from here:

https://www.nuget.org/packages/NaCl.Net/

I took the code usage from here:

https://github.com/somdoron/nacl.net

I need to do exactly what this guy was trying to do:

Sign a message with as small as possible digital signature in c#

He posted a very nice answer, but without code.

I copied the code from GitHub unchanged for testing. (Everything is OK for now.)

    using System.Security.Cryptography;
    using System.Text;
    using NaCl;

    var rng = RandomNumberGenerator.Create();
    Curve25519XSalsa20Poly1305.KeyPair(out var aliceSecretKey, out var alicePublicKey);
    Curve25519XSalsa20Poly1305.KeyPair(out var bobSecretKey, out var bobPublicKey);

    Curve25519XSalsa20Poly1305 aliceBox = new Curve25519XSalsa20Poly1305(aliceSecretKey, bobPublicKey);
    Curve25519XSalsa20Poly1305 bobBox = new Curve25519XSalsa20Poly1305(bobSecretKey, alicePublicKey);

    // Generating random nonce
    byte[] nonce = new byte[Curve25519XSalsa20Poly1305.NonceLength];
    rng.GetBytes(nonce);

    // Plaintext message
    byte[] message = Encoding.UTF8.GetBytes("Hey Bob");

    // Prepare the buffer for the ciphertext, must be message length and extra 16 bytes for the authentication tag
    byte[] cipher = new byte[message.Length + Curve25519XSalsa20Poly1305.TagLength];

    // Encrypting using alice box
    aliceBox.Encrypt(cipher, message, nonce);

    // Decrypting using bob box
    byte[] plain = new byte[cipher.Length - Curve25519XSalsa20Poly1305.TagLength];
    bool isVerified = bobBox.TryDecrypt(plain, cipher, nonce);
    var originalmessage = Encoding.UTF8.GetString(plain);

As we all know, the RSA and ECC algorithms give a private key and a public key.

The secure way is that the public key is kept in the client application only, to verify the signature,

while the private key is kept in the license server only, to create the signature.

Now the above library made me mad. It gives the following keys:

aliceSecretKey, alicePublicKey and bobSecretKey, bobPublicKey

I need to apply the example above to a license server and a client application.

Assume that Alice is the license server and Bob is the client application.

So which keys should be stored in the client application?

Is it the bobSecretKey and alicePublicKey keys that should be stored on the client application side?

Please accept my apologies, I don't even know how this strange algorithm works!

There are 0 answers
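
The following is an added example, not part of the original post or of the NaCl.Net project. It contrasts the question's box, where `bobSecretKey` plus `alicePublicKey` yield the same shared key that the server side holds, with the sign-on-server, verify-on-client split the question describes. The signature half uses .NET's built-in `ECDsa` as an assumed substitute, and the class name, method names and sample license string are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using NaCl; // NaCl.Net NuGet package, as used in the question

static class LicenseKeyPlacementDemo // hypothetical name
{
    // The question's box: Alice = license server, Bob = client application.
    // Both boxes derive the same shared key, so the tag proves only "made by
    // someone holding that key", which includes the client itself.
    static bool ClientSealedBoxOpensOnServer()
    {
        Curve25519XSalsa20Poly1305.KeyPair(out var aliceSecretKey, out var alicePublicKey);
        Curve25519XSalsa20Poly1305.KeyPair(out var bobSecretKey, out var bobPublicKey);
        var serverBox = new Curve25519XSalsa20Poly1305(aliceSecretKey, bobPublicKey);
        var clientBox = new Curve25519XSalsa20Poly1305(bobSecretKey, alicePublicKey);
        byte[] nonce = new byte[Curve25519XSalsa20Poly1305.NonceLength];
        RandomNumberGenerator.Fill(nonce);
        byte[] message = Encoding.UTF8.GetBytes("constructed sample message");
        byte[] cipher = new byte[message.Length + Curve25519XSalsa20Poly1305.TagLength];
        clientBox.Encrypt(cipher, message, nonce); // sealed with the client's keys
        return serverBox.TryDecrypt(new byte[message.Length], cipher, nonce);
    }

    // Signature split (ECDSA P-256 from .NET, swapped in; not part of NaCl.Net).
    // A real server would generate this key once and persist it privately.
    static (byte[] PublicKey, byte[] Signature) ServerSign(byte[] license)
    {
        using ECDsa signer = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        return (signer.ExportSubjectPublicKeyInfo(), signer.SignData(license, HashAlgorithmName.SHA256));
    }

    // The client ships with the public key only: it can verify but not sign.
    static bool ClientVerify(byte[] publicKey, byte[] license, byte[] signature)
    {
        using ECDsa verifier = ECDsa.Create();
        verifier.ImportSubjectPublicKeyInfo(publicKey, out _);
        return verifier.VerifyData(license, signature, HashAlgorithmName.SHA256);
    }

    static void Main()
    {
        Console.WriteLine($"Box sealed by client opens on server: {ClientSealedBoxOpensOnServer()}");
        byte[] license = Encoding.UTF8.GetBytes("customer=constructed-sample;expires=2099-01-01");
        var (publicKey, signature) = ServerSign(license);
        Console.WriteLine($"Genuine license verifies: {ClientVerify(publicKey, license, signature)}");
        license[0] ^= 1; // any change to the signed bytes must fail verification
        Console.WriteLine($"Tampered license verifies: {ClientVerify(publicKey, license, signature)}");
    }
}
```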